The US has sanctioned organizations behind North Korea’s IT army that funds the North Korean government

The US has sanctioned organizations behind North Korea's IT army that funds the North Korean government

The United States has sanctioned four entities and one individual involved in financial-motivated cyberattacks around the world that support the government of North Koreathe US Treasury Department announced.

Three entities – the Pyongyang University of Automation, the Technical Reconnaissance Bureau and its subordinate cyber unit, the 110th Research Center – were sanctioned for their links to North Korea’s intelligence service, the Reconnaissance General Bureau (RGB), which is behind many malicious activities such as cyber espionage and theft.

“The North Korea-based Technical Reconnaissance Bureau is behind the development of offensive cyber tactics and tools in North Korea and operates several departments, including those associated with the Lazarus group,” the US Treasury Department said.

Sanctions were also introduced against Chinyong Information Technology Cooperation.

The North Korean strategy relies heavily on a huge “army” made up of thousands of IT workers who, hiding their identity and origin, are fraudulently employed in companies abroad. In order to gain employment at the desired companies, they employ various deception tactics, including the use of stolen and false identities and falsified documents.

These people are employed around the world, especially in Russia, to use their earnings, including virtual currencies, to finance the regime in North Korea and its priorities, such as weapons of mass destruction and ballistic missile development and production programs.

The Pyongyang University of Automation is responsible for training hackers, many of whom work for the Reconnaissance General Bureau (RGB), which is North Korea’s main intelligence agency responsible for coordinating cyber attacks.

The RGB Technical Reconnaissance Bureau and the 110th Research Center Cyber ​​Unit are involved in the development of tools, coordination of departments linked to North Korean hackers such as those from the notorious Lazarus group, and cyber attacks targeting companies primarily in the United States and South Korea. Korea.

Chinyong Information Technology Cooperation (also known as Jinyong IT Cooperation) is affiliated with North Korea’s Ministry of People’s Armed Forces and coordinates IT workers working abroad to generate revenue for the country’s regime.

North Korean citizen Kim Sang Man is also on the sanctioned list. The US suspects him of being involved in paying the salaries of IT workers abroad.

A year ago, the USA imposed sanctions Tornado Cash i Blender.iothe cryptocurrency mixers used by North Korean hackers from the Lazarus group to launder much of the $620 million worth of Ethereum stolen in the largest known cryptocurrency heist ever after Axie Infinity hacks in April 2022.

Hacker groups from South Korea, Lazarus, Bluenoroff and Andariel were also sanctioned in September 2019 for funding their country’s government with money stolen in cyber attacks.

According to the report panel of United Nations experts, North Korean hackers are responsible for record cryptocurrency thefts that took place last year.

It is estimated that they stole between 630 million and 1 billion dollars in 2022surpassing previous years’ numbers and doubling Pyongyang’s gains from cyber thefts that occurred in 2021.

Photo: Micha Brandli / Unsplash

Source: by

*The article has been translated based on the content of by If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!